Back to Resources

7 Lessons Every CISO Can Learn From the ANU Cyber Attack

During November of 2018, a highly-skilled — possibly nation state threat actor — penetrated the network of the Australian National University. The dwell time, or length of time the attacker went undetected, was around six weeks. Afforded such an extensive period of time, the actor engaged in lateral movement activities, downloaded bespoke malware, conducted further spearphishing campaigns and exfiltrated an unknown amount of data from a possible 19-year treasure trove of records from Human Resources, financial management and student administration. The details of the attack, discovered in June of 2019, have recently been published by the university’s Office of the Chief Information Security Officer. In this post, and based on their thorough report, we review the major lessons every CISO can learn from the ANU cyber attack.
Read More

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform harnesses the power of data and AI to protect your organization now and into the future.